aws-sdk-core 3.165.1 → 3.168.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +41 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-core/credential_provider_chain.rb +6 -4
- data/lib/aws-sdk-core/plugins/retries/error_inspector.rb +2 -1
- data/lib/aws-sdk-core/plugins/sign.rb +17 -7
- data/lib/aws-sdk-core/shared_config.rb +36 -8
- data/lib/aws-sdk-core/sso_credentials.rb +79 -44
- data/lib/aws-sdk-core/sso_token_provider.rb +3 -2
- data/lib/aws-sdk-sso/client.rb +1 -1
- data/lib/aws-sdk-sso/types.rb +0 -35
- data/lib/aws-sdk-sso.rb +1 -1
- data/lib/aws-sdk-ssooidc/client.rb +1 -1
- data/lib/aws-sdk-ssooidc/types.rb +0 -32
- data/lib/aws-sdk-ssooidc.rb +1 -1
- data/lib/aws-sdk-sts/client.rb +122 -122
- data/lib/aws-sdk-sts/endpoint_provider.rb +2 -2
- data/lib/aws-sdk-sts/types.rb +79 -186
- data/lib/aws-sdk-sts.rb +1 -1
- data/lib/seahorse/client/h2/connection.rb +2 -5
- metadata +7 -7
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: d3feaec82dc395d31e4cd17d9951ac80c191c69156317b9cfab13834fe95755a
|
4
|
+
data.tar.gz: efb2c1a30e3d3baccbcfdeb92390a18efb5aaf8a145d1d0cd6129b10413f6358
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 77b3fe5b4fcfa3c7855b5d9adcae5957cd8080d049abcd346bcf84500c6aa507d22d91cd9bf9b252da95a2414e513c6729bc3d2905b23d8a276ecf9fa07922ca
|
7
|
+
data.tar.gz: 27f2a8fcd85631e81e0055bbd593cfd04dcaf17002d52edb9ff5beb25aff0e0974afad22a5ac905010e9ef8f165fa9ab47cd7bd8e154023f10ac44b185d4afcc
|
data/CHANGELOG.md
CHANGED
@@ -1,6 +1,47 @@
|
|
1
1
|
Unreleased Changes
|
2
2
|
------------------
|
3
3
|
|
4
|
+
3.168.4 (2022-12-08)
|
5
|
+
------------------
|
6
|
+
|
7
|
+
* Issue - Fix Sign to not sign Sigv2 requests to S3.
|
8
|
+
|
9
|
+
3.168.3 (2022-12-02)
|
10
|
+
------------------
|
11
|
+
|
12
|
+
* Issue - Retry S3's `BadDigest` error
|
13
|
+
|
14
|
+
3.168.2 (2022-11-29)
|
15
|
+
------------------
|
16
|
+
|
17
|
+
* Issue - Allow region resolution in `AssumeRoleCredentials` from `CredentialProviderChain`.
|
18
|
+
|
19
|
+
3.168.1 (2022-11-18)
|
20
|
+
------------------
|
21
|
+
|
22
|
+
* Issue - Fix initialization of SSOTokenProvider when `AWS_PROFILE` is specified.
|
23
|
+
|
24
|
+
3.168.0 (2022-11-17)
|
25
|
+
------------------
|
26
|
+
|
27
|
+
* Feature - Updated Aws::STS::Client with the latest API changes.
|
28
|
+
|
29
|
+
3.167.0 (2022-11-09)
|
30
|
+
------------------
|
31
|
+
|
32
|
+
* Issue - Ensure the stream_thread is not killed before H2 connection status is updated (#2779).
|
33
|
+
|
34
|
+
* Feature - Add token refresh support to `SSOCredentialProvider`.
|
35
|
+
|
36
|
+
3.166.0 (2022-10-26)
|
37
|
+
------------------
|
38
|
+
|
39
|
+
* Feature - Updated Aws::STS::Client with the latest API changes.
|
40
|
+
|
41
|
+
* Feature - Updated Aws::SSOOIDC::Client with the latest API changes.
|
42
|
+
|
43
|
+
* Feature - Updated Aws::SSO::Client with the latest API changes.
|
44
|
+
|
4
45
|
3.165.1 (2022-10-25)
|
5
46
|
------------------
|
6
47
|
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
3.
|
1
|
+
3.168.4
|
@@ -169,12 +169,14 @@ module Aws
|
|
169
169
|
end
|
170
170
|
|
171
171
|
def assume_role_with_profile(options, profile_name)
|
172
|
-
|
173
|
-
Aws.shared_config.assume_role_credentials_from_config(
|
172
|
+
assume_opts = {
|
174
173
|
profile: profile_name,
|
175
|
-
region: region,
|
176
174
|
chain_config: @config
|
177
|
-
|
175
|
+
}
|
176
|
+
if options[:config] && options[:config].region
|
177
|
+
assume_opts[:region] = options[:config].region
|
178
|
+
end
|
179
|
+
Aws.shared_config.assume_role_credentials_from_config(assume_opts)
|
178
180
|
end
|
179
181
|
end
|
180
182
|
end
|
@@ -37,15 +37,25 @@ module Aws
|
|
37
37
|
|
38
38
|
class Handler < Seahorse::Client::Handler
|
39
39
|
def call(context)
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
40
|
+
# Skip signing if using sigv2 signing from s3_signer in S3
|
41
|
+
unless v2_signing?(context.config)
|
42
|
+
signer = Sign.signer_for(
|
43
|
+
context[:auth_scheme],
|
44
|
+
context.config,
|
45
|
+
context[:sigv4_region]
|
46
|
+
)
|
47
|
+
signer.sign(context)
|
48
|
+
end
|
47
49
|
@handler.call(context)
|
48
50
|
end
|
51
|
+
|
52
|
+
private
|
53
|
+
|
54
|
+
def v2_signing?(config)
|
55
|
+
# 's3' is legacy signing, 'v4' is default
|
56
|
+
config.respond_to?(:signature_version) &&
|
57
|
+
config.signature_version == 's3'
|
58
|
+
end
|
49
59
|
end
|
50
60
|
|
51
61
|
# @api private
|
@@ -3,9 +3,10 @@
|
|
3
3
|
module Aws
|
4
4
|
# @api private
|
5
5
|
class SharedConfig
|
6
|
-
|
6
|
+
SSO_CREDENTIAL_PROFILE_KEYS = %w[sso_account_id sso_role_name].freeze
|
7
|
+
SSO_PROFILE_KEYS = %w[sso_session sso_start_url sso_region sso_account_id sso_role_name].freeze
|
7
8
|
SSO_TOKEN_PROFILE_KEYS = %w[sso_session].freeze
|
8
|
-
SSO_SESSION_KEYS = %w[sso_region]
|
9
|
+
SSO_SESSION_KEYS = %w[sso_region sso_start_url].freeze
|
9
10
|
|
10
11
|
|
11
12
|
# @return [String]
|
@@ -331,14 +332,41 @@ module Aws
|
|
331
332
|
def sso_credentials_from_profile(cfg, profile)
|
332
333
|
if @parsed_config &&
|
333
334
|
(prof_config = cfg[profile]) &&
|
334
|
-
!(prof_config.keys &
|
335
|
+
!(prof_config.keys & SSO_CREDENTIAL_PROFILE_KEYS).empty?
|
336
|
+
|
337
|
+
if sso_session_name = prof_config['sso_session']
|
338
|
+
sso_session = cfg["sso-session #{sso_session_name}"]
|
339
|
+
unless sso_session
|
340
|
+
raise ArgumentError,
|
341
|
+
"sso-session #{sso_session_name} must be defined in the config file. " \
|
342
|
+
"Referenced by profile #{profile}"
|
343
|
+
end
|
344
|
+
sso_region = sso_session['sso_region']
|
345
|
+
sso_start_url = sso_session['sso_start_url']
|
346
|
+
|
347
|
+
# validate sso_region and sso_start_url don't conflict if set on profile and session
|
348
|
+
if prof_config['sso_region'] && prof_config['sso_region'] != sso_region
|
349
|
+
raise ArgumentError,
|
350
|
+
"sso-session #{sso_session_name}'s sso_region (#{sso_region}) " \
|
351
|
+
"does not match the profile #{profile}'s sso_region (#{prof_config['sso_region']}'"
|
352
|
+
end
|
353
|
+
if prof_config['sso_start_url'] && prof_config['sso_start_url'] != sso_start_url
|
354
|
+
raise ArgumentError,
|
355
|
+
"sso-session #{sso_session_name}'s sso_start_url (#{sso_start_url}) " \
|
356
|
+
"does not match the profile #{profile}'s sso_start_url (#{prof_config['sso_start_url']}'"
|
357
|
+
end
|
358
|
+
else
|
359
|
+
sso_region = prof_config['sso_region']
|
360
|
+
sso_start_url = prof_config['sso_start_url']
|
361
|
+
end
|
335
362
|
|
336
363
|
SSOCredentials.new(
|
337
|
-
sso_start_url: prof_config['sso_start_url'],
|
338
|
-
sso_region: prof_config['sso_region'],
|
339
364
|
sso_account_id: prof_config['sso_account_id'],
|
340
|
-
sso_role_name: prof_config['sso_role_name']
|
341
|
-
|
365
|
+
sso_role_name: prof_config['sso_role_name'],
|
366
|
+
sso_session: prof_config['sso_session'],
|
367
|
+
sso_region: sso_region,
|
368
|
+
sso_start_url: prof_config['sso_start_url']
|
369
|
+
)
|
342
370
|
end
|
343
371
|
end
|
344
372
|
|
@@ -353,7 +381,7 @@ module Aws
|
|
353
381
|
sso_session = cfg["sso-session #{sso_session_name}"]
|
354
382
|
unless sso_session
|
355
383
|
raise ArgumentError,
|
356
|
-
"sso-session #{sso_session_name} must be defined in the config file."
|
384
|
+
"sso-session #{sso_session_name} must be defined in the config file." \
|
357
385
|
"Referenced by profile #{profile}"
|
358
386
|
end
|
359
387
|
|
@@ -3,24 +3,19 @@
|
|
3
3
|
module Aws
|
4
4
|
# An auto-refreshing credential provider that assumes a role via
|
5
5
|
# {Aws::SSO::Client#get_role_credentials} using a cached access
|
6
|
-
# token.
|
7
|
-
#
|
8
|
-
#
|
9
|
-
#
|
10
|
-
#
|
11
|
-
#
|
12
|
-
# access token generated and cached from `aws login` will also expire.
|
13
|
-
# Once this token expires, it will not be usable to refresh AWS credentials,
|
14
|
-
# and another token will be needed. The SDK does not manage refreshing of
|
15
|
-
# the token value, but this can be done by running `aws login` with the
|
16
|
-
# correct profile.
|
6
|
+
# token. When `sso_session` is specified, token refresh logic from
|
7
|
+
# {Aws::SSOTokenProvider} will be used to refresh the token if possible.
|
8
|
+
# This class does NOT implement the SSO login token flow - tokens
|
9
|
+
# must generated separately by running `aws login` from the
|
10
|
+
# AWS CLI with the correct profile. The `SSOCredentials` will
|
11
|
+
# auto-refresh the AWS credentials from SSO.
|
17
12
|
#
|
18
13
|
# # You must first run aws sso login --profile your-sso-profile
|
19
14
|
# sso_credentials = Aws::SSOCredentials.new(
|
20
15
|
# sso_account_id: '123456789',
|
21
16
|
# sso_role_name: "role_name",
|
22
17
|
# sso_region: "us-east-1",
|
23
|
-
#
|
18
|
+
# sso_session: 'my_sso_session'
|
24
19
|
# )
|
25
20
|
# ec2 = Aws::EC2::Client.new(credentials: sso_credentials)
|
26
21
|
#
|
@@ -35,7 +30,8 @@ module Aws
|
|
35
30
|
include RefreshingCredentials
|
36
31
|
|
37
32
|
# @api private
|
38
|
-
|
33
|
+
LEGACY_REQUIRED_OPTS = [:sso_start_url, :sso_account_id, :sso_region, :sso_role_name].freeze
|
34
|
+
TOKEN_PROVIDER_REQUIRED_OPTS = [:sso_session, :sso_account_id, :sso_region, :sso_role_name].freeze
|
39
35
|
|
40
36
|
# @api private
|
41
37
|
SSO_LOGIN_GUIDANCE = 'The SSO session associated with this profile has '\
|
@@ -45,17 +41,23 @@ module Aws
|
|
45
41
|
# @option options [required, String] :sso_account_id The AWS account ID
|
46
42
|
# that temporary AWS credentials will be resolved for
|
47
43
|
#
|
48
|
-
# @option options [required, String] :sso_region The AWS region where the
|
49
|
-
# SSO directory for the given sso_start_url is hosted.
|
50
|
-
#
|
51
44
|
# @option options [required, String] :sso_role_name The corresponding
|
52
45
|
# IAM role in the AWS account that temporary AWS credentials
|
53
46
|
# will be resolved for.
|
54
47
|
#
|
55
|
-
# @option options [required, String] :
|
56
|
-
#
|
48
|
+
# @option options [required, String] :sso_region The AWS region where the
|
49
|
+
# SSO directory for the given sso_start_url is hosted.
|
50
|
+
#
|
51
|
+
# @option options [String] :sso_session The SSO Token used for fetching
|
52
|
+
# the token. If provided, refresh logic from the {Aws::SSOTokenProvider}
|
53
|
+
# will be used.
|
54
|
+
#
|
55
|
+
# @option options [String] :sso_start_url (legacy profiles) If provided,
|
56
|
+
# legacy token fetch behavior will be used, which does not support
|
57
|
+
# token refreshing. The start URL is provided by the SSO
|
58
|
+
# service via the console and is the URL used to
|
57
59
|
# login to the SSO directory. This is also sometimes referred to as
|
58
|
-
# the "User Portal URL"
|
60
|
+
# the "User Portal URL".
|
59
61
|
#
|
60
62
|
# @option options [SSO::Client] :client Optional `SSO::Client`. If not
|
61
63
|
# provided, a client will be constructed.
|
@@ -65,27 +67,52 @@ module Aws
|
|
65
67
|
# with an instance of this object when
|
66
68
|
# AWS credentials are required and need to be refreshed.
|
67
69
|
def initialize(options = {})
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
70
|
+
options = options.select {|k, v| !v.nil? }
|
71
|
+
if (options[:sso_session])
|
72
|
+
missing_keys = TOKEN_PROVIDER_REQUIRED_OPTS.select { |k| options[k].nil? }
|
73
|
+
unless missing_keys.empty?
|
74
|
+
raise ArgumentError, "Missing required keys: #{missing_keys}"
|
75
|
+
end
|
76
|
+
@legacy = false
|
77
|
+
@sso_role_name = options.delete(:sso_role_name)
|
78
|
+
@sso_account_id = options.delete(:sso_account_id)
|
79
|
+
|
80
|
+
# if client has been passed, don't pass through to SSOTokenProvider
|
81
|
+
@client = options.delete(:client)
|
82
|
+
options.delete(:sso_start_url)
|
83
|
+
@token_provider = Aws::SSOTokenProvider.new(options.dup)
|
84
|
+
@sso_session = options.delete(:sso_session)
|
85
|
+
@sso_region = options.delete(:sso_region)
|
86
|
+
|
87
|
+
unless @client
|
88
|
+
client_opts = {}
|
89
|
+
options.each_pair { |k,v| client_opts[k] = v unless CLIENT_EXCLUDE_OPTIONS.include?(k) }
|
90
|
+
client_opts[:region] = @sso_region
|
91
|
+
client_opts[:credentials] = nil
|
92
|
+
@client = Aws::SSO::Client.new(client_opts)
|
93
|
+
end
|
94
|
+
else # legacy behavior
|
95
|
+
missing_keys = LEGACY_REQUIRED_OPTS.select { |k| options[k].nil? }
|
96
|
+
unless missing_keys.empty?
|
97
|
+
raise ArgumentError, "Missing required keys: #{missing_keys}"
|
98
|
+
end
|
99
|
+
@legacy = true
|
100
|
+
@sso_start_url = options.delete(:sso_start_url)
|
101
|
+
@sso_region = options.delete(:sso_region)
|
102
|
+
@sso_role_name = options.delete(:sso_role_name)
|
103
|
+
@sso_account_id = options.delete(:sso_account_id)
|
104
|
+
|
105
|
+
# validate we can read the token file
|
106
|
+
read_cached_token
|
107
|
+
|
108
|
+
client_opts = {}
|
109
|
+
options.each_pair { |k,v| client_opts[k] = v unless CLIENT_EXCLUDE_OPTIONS.include?(k) }
|
110
|
+
client_opts[:region] = @sso_region
|
111
|
+
client_opts[:credentials] = nil
|
112
|
+
|
113
|
+
@client = options[:client] || Aws::SSO::Client.new(client_opts)
|
72
114
|
end
|
73
115
|
|
74
|
-
@sso_start_url = options.delete(:sso_start_url)
|
75
|
-
@sso_region = options.delete(:sso_region)
|
76
|
-
@sso_role_name = options.delete(:sso_role_name)
|
77
|
-
@sso_account_id = options.delete(:sso_account_id)
|
78
|
-
|
79
|
-
# validate we can read the token file
|
80
|
-
read_cached_token
|
81
|
-
|
82
|
-
|
83
|
-
client_opts = {}
|
84
|
-
options.each_pair { |k,v| client_opts[k] = v unless CLIENT_EXCLUDE_OPTIONS.include?(k) }
|
85
|
-
client_opts[:region] = @sso_region
|
86
|
-
client_opts[:credentials] = nil
|
87
|
-
|
88
|
-
@client = options[:client] || Aws::SSO::Client.new(client_opts)
|
89
116
|
@async_refresh = true
|
90
117
|
super
|
91
118
|
end
|
@@ -111,12 +138,20 @@ module Aws
|
|
111
138
|
end
|
112
139
|
|
113
140
|
def refresh
|
114
|
-
|
115
|
-
|
116
|
-
|
117
|
-
|
118
|
-
|
119
|
-
|
141
|
+
c = if @legacy
|
142
|
+
cached_token = read_cached_token
|
143
|
+
@client.get_role_credentials(
|
144
|
+
account_id: @sso_account_id,
|
145
|
+
role_name: @sso_role_name,
|
146
|
+
access_token: cached_token['accessToken']
|
147
|
+
).role_credentials
|
148
|
+
else
|
149
|
+
@client.get_role_credentials(
|
150
|
+
account_id: @sso_account_id,
|
151
|
+
role_name: @sso_role_name,
|
152
|
+
access_token: @token_provider.token.token
|
153
|
+
).role_credentials
|
154
|
+
end
|
120
155
|
|
121
156
|
@credentials = Credentials.new(
|
122
157
|
c.access_key_id,
|
@@ -39,12 +39,13 @@ module Aws
|
|
39
39
|
|
40
40
|
options[:region] = @sso_region
|
41
41
|
options[:credentials] = nil
|
42
|
+
options[:token_provider] = nil
|
42
43
|
@client = options[:client] || Aws::SSOOIDC::Client.new(options)
|
43
44
|
|
44
45
|
super
|
45
46
|
end
|
46
47
|
|
47
|
-
# @return [
|
48
|
+
# @return [SSOOIDC::Client]
|
48
49
|
attr_reader :client
|
49
50
|
|
50
51
|
private
|
@@ -66,7 +67,7 @@ module Aws
|
|
66
67
|
resp = @client.create_token(
|
67
68
|
grant_type: 'refresh_token',
|
68
69
|
client_id: token_json['clientId'],
|
69
|
-
client_secret: token_json['
|
70
|
+
client_secret: token_json['clientSecret'],
|
70
71
|
refresh_token: token_json['refreshToken']
|
71
72
|
)
|
72
73
|
token_json['accessToken'] = resp.access_token
|
data/lib/aws-sdk-sso/client.rb
CHANGED
data/lib/aws-sdk-sso/types.rb
CHANGED
@@ -34,15 +34,6 @@ module Aws::SSO
|
|
34
34
|
include Aws::Structure
|
35
35
|
end
|
36
36
|
|
37
|
-
# @note When making an API call, you may pass GetRoleCredentialsRequest
|
38
|
-
# data as a hash:
|
39
|
-
#
|
40
|
-
# {
|
41
|
-
# role_name: "RoleNameType", # required
|
42
|
-
# account_id: "AccountIdType", # required
|
43
|
-
# access_token: "AccessTokenType", # required
|
44
|
-
# }
|
45
|
-
#
|
46
37
|
# @!attribute [rw] role_name
|
47
38
|
# The friendly name of the role that is assigned to the user.
|
48
39
|
# @return [String]
|
@@ -97,16 +88,6 @@ module Aws::SSO
|
|
97
88
|
include Aws::Structure
|
98
89
|
end
|
99
90
|
|
100
|
-
# @note When making an API call, you may pass ListAccountRolesRequest
|
101
|
-
# data as a hash:
|
102
|
-
#
|
103
|
-
# {
|
104
|
-
# next_token: "NextTokenType",
|
105
|
-
# max_results: 1,
|
106
|
-
# access_token: "AccessTokenType", # required
|
107
|
-
# account_id: "AccountIdType", # required
|
108
|
-
# }
|
109
|
-
#
|
110
91
|
# @!attribute [rw] next_token
|
111
92
|
# The page token from the previous response output when you request
|
112
93
|
# subsequent pages.
|
@@ -159,15 +140,6 @@ module Aws::SSO
|
|
159
140
|
include Aws::Structure
|
160
141
|
end
|
161
142
|
|
162
|
-
# @note When making an API call, you may pass ListAccountsRequest
|
163
|
-
# data as a hash:
|
164
|
-
#
|
165
|
-
# {
|
166
|
-
# next_token: "NextTokenType",
|
167
|
-
# max_results: 1,
|
168
|
-
# access_token: "AccessTokenType", # required
|
169
|
-
# }
|
170
|
-
#
|
171
143
|
# @!attribute [rw] next_token
|
172
144
|
# (Optional) When requesting subsequent pages, this is the page token
|
173
145
|
# from the previous response output.
|
@@ -215,13 +187,6 @@ module Aws::SSO
|
|
215
187
|
include Aws::Structure
|
216
188
|
end
|
217
189
|
|
218
|
-
# @note When making an API call, you may pass LogoutRequest
|
219
|
-
# data as a hash:
|
220
|
-
#
|
221
|
-
# {
|
222
|
-
# access_token: "AccessTokenType", # required
|
223
|
-
# }
|
224
|
-
#
|
225
190
|
# @!attribute [rw] access_token
|
226
191
|
# The token issued by the `CreateToken` API call. For more
|
227
192
|
# information, see [CreateToken][1] in the *IAM Identity Center OIDC
|
data/lib/aws-sdk-sso.rb
CHANGED
@@ -45,20 +45,6 @@ module Aws::SSOOIDC
|
|
45
45
|
include Aws::Structure
|
46
46
|
end
|
47
47
|
|
48
|
-
# @note When making an API call, you may pass CreateTokenRequest
|
49
|
-
# data as a hash:
|
50
|
-
#
|
51
|
-
# {
|
52
|
-
# client_id: "ClientId", # required
|
53
|
-
# client_secret: "ClientSecret", # required
|
54
|
-
# grant_type: "GrantType", # required
|
55
|
-
# device_code: "DeviceCode",
|
56
|
-
# code: "AuthCode",
|
57
|
-
# refresh_token: "RefreshToken",
|
58
|
-
# scope: ["Scope"],
|
59
|
-
# redirect_uri: "URI",
|
60
|
-
# }
|
61
|
-
#
|
62
48
|
# @!attribute [rw] client_id
|
63
49
|
# The unique identifier string for each client. This value should come
|
64
50
|
# from the persisted result of the RegisterClient API.
|
@@ -317,15 +303,6 @@ module Aws::SSOOIDC
|
|
317
303
|
include Aws::Structure
|
318
304
|
end
|
319
305
|
|
320
|
-
# @note When making an API call, you may pass RegisterClientRequest
|
321
|
-
# data as a hash:
|
322
|
-
#
|
323
|
-
# {
|
324
|
-
# client_name: "ClientName", # required
|
325
|
-
# client_type: "ClientType", # required
|
326
|
-
# scopes: ["Scope"],
|
327
|
-
# }
|
328
|
-
#
|
329
306
|
# @!attribute [rw] client_name
|
330
307
|
# The friendly name of the client.
|
331
308
|
# @return [String]
|
@@ -410,15 +387,6 @@ module Aws::SSOOIDC
|
|
410
387
|
include Aws::Structure
|
411
388
|
end
|
412
389
|
|
413
|
-
# @note When making an API call, you may pass StartDeviceAuthorizationRequest
|
414
|
-
# data as a hash:
|
415
|
-
#
|
416
|
-
# {
|
417
|
-
# client_id: "ClientId", # required
|
418
|
-
# client_secret: "ClientSecret", # required
|
419
|
-
# start_url: "URI", # required
|
420
|
-
# }
|
421
|
-
#
|
422
390
|
# @!attribute [rw] client_id
|
423
391
|
# The unique identifier string for the client that is registered with
|
424
392
|
# IAM Identity Center. This value should come from the persisted
|